I want to integrate current certificates (root, disallowed) into Windows 7 installation ISO. How to do it (DISM?) and what cert files do I need: rootsupd.exe authrootstl.cab disallowedcertstl.cab ?
"update the source"? More info, please. I have integrated latest updates and drivers (mass storage + usb 3.x) and stucked with old certs. PS I can unpack rootsupd.exe and run 4 commands: updroots.exe authroots.sst updroots.exe updroots.sst updroots.exe -l roots.sst updroots.exe -d delroots.sst ...but how to "inject" it into installation ISO?
An ISO is a cabinet file of sorts. If you open the ISO, or extract the contents, you'll see all the individual files and folders. Those individual files and folders are what I'm calling the source. Creating an ISO is sort of like compiling a .exe file. I was assuming (and we know the dangers there) you created the ISO file. If you did, somewhere you have all the various files and folders you originally used if you didn't delete them. If you didn't make the ISO, or if you did delete your source data, you can still extract the files and folders and alter them with the appropriate software. You then use your favorite ISO generating utility to create a NEW ISO (that is now different from the original ISO) that contains the changes you want. It's been a while since I last create an ISO (early days of Windows 7) so new programs and processes may have been created. I've always preferred to work with the source files when I can. If you decide to do so, keep a copy of your original ISO in a safe place for security purposes. That way, if you muck up the working ISO copy you can scrap it and start over with a fresh copy of your source ISO. If this is all Greek to you, then you need to do a fair amount of research on creating and maintaining ISOs. IMHO, it's way beyond the scope of this forum to teach a course in ISO usage and maintenance. I'm sure there are numerous tutorials you can find with your favorite search engine.
Oh, really? I wrote that I already integrated latest updates and drivers, so you should assume that: - I know what ISO / boot ISO is - how to create/extract/etc. - I know what WIM is - I know what DISM and IMAGEX are - ...and many, many more. Again: I integrate updates using DISM with /Add-Package. I integrate drivers using DISM with /Add-Driver. How to intagrate new certs? If this is all Greek to you (sorry, but it looks like), then please don't waste your time on useless and pointless answers, and don't waste my time on reading it.